<%@LANGUAGE="VBSCRIPT" CODEPAGE="65001"%>
<%Response.CodePage=65001%>
<%Response.Charset="utf-8"%>
<!--#include file="conn.asp"-->

<%
'if Request.ServerVariables("HTTP_REFERER")="" then
'response.end()
'end if

if request("act")="qd" then

sql="select * from [user_point] where item='qd' and uid="&request.Cookies("user")("id")&" and datediff('d',intime,now())=1"
rs.open sql,conn,3,3
if not rs.eof then
qdnum=rs("num")+1

if rs("num")>=4 then

qdjf=jianbook.point(5)

elseif rs("num")>=9 then
qdjf=jianbook.point(6)
elseif rs("num")>=29 then
qdjf=jianbook.point(7)
else

qdjf=jianbook.point(4)
end if

else
qdnum=1
qdjf=jianbook.point(4)
end if

rs.close
sql="select * from [user_point] where item='qd' and uid="&request.Cookies("user")("id")&" and datediff('d',intime,now())=0"

rs.open sql,conn,3,3
if  rs.eof and rs.bof then
conn.execute "insert into user_point(item,uid,point,num,bz) values ('qd',"&request.Cookies("user")("id")&","&qdjf&","&qdnum&",'签到获得积分')"
end if
rs.close
response.write "{""info"": ""签到成功"",""status"": ""y""}"
end if




if request("act")="yzm" then

sql="select * from [user] where email='"&request.form("uid")&"'"
rs.open sql,conn,1,1
if not rs.eof then
response.write "{""info"": ""邮箱已经被注册过。"",""status"": ""n""}"
response.end()
end if
rs.close


code=jianbook.RndNumber(999,10000)
Session.Timeout=30
session("yzm")=cstr(code)
yzemail=request("uid")
yztitle="注册验证码"
yzbody="您的注册验证码为"&code&",请30分钟内完成验证注册,过期失效。"

jianbook.regemail yztitle,yzbody,yzemail




end if




if request("act")="reg" then

if request("code")<>request("code1") then
response.write "{""info"": ""两次密码不一样。"",""status"": ""n""}"
response.End()
end if

if jianbook.sysinfo("regmall")="1" then
if request("yzm")<>session("yzm") then
response.write "{""info"": ""验证码错误。"",""status"": ""n""}"
response.End()
end if
end if


sql="select * from [user] where email='"&request.form("email")&"'"
 rs.open sql,conn,3,3
if rs.eof and rs.bof then
        rs.addnew
rs("email")=request("email")
rs("code")=MD5(request("code"))
rs("addr")=jianbook.myip()
rs("username")=request("username")
rs.update

conn.execute "insert into user_point(item,uid,point,bz) values ('reg'," &rs("id")&","&jianbook.point(0)&",'注册获得积分')"
session("yzm")=""
response.write "{""info"": ""恭喜您注册成功"",""status"": ""y""}"

else
response.write "{""info"": ""邮箱已经被注册过。"",""status"": ""n""}"
end if
rs.close

end if



'登陆账号

if request("act")="login_user" then


sql="select * from [user] where email='"&request("email")&"' and code='"&MD5(request("code"))&"' "

rs.open sql,conn,1,3
if rs.eof then

response.write "{""info"": ""登陆账号或密码有误。"",""status"": ""n""}"

else
if jianbook.sysinfo("check")="1" then
if rs("zt")=0 then
response.write "{""info"": ""账号要审核才能登陆，请联系管理员。"",""status"": ""n""}"
response.end()
end if
end if

rs("addr")=jianbook.myip()
rs("lasttime")=now()
rs("num")=rs("num")+1
rs.update

sql="select * from user_point where item='login' and uid="&rs("id")&" and datediff('d',intime,now())=0"
rst.open sql,conn,1,1
if rst.eof and rst.bof then
conn.execute "insert into user_point(item,uid,point,bz) values ('login'," &rs("id")&","&jianbook.point(1)&",'登陆获得积分')"
end if
rst.close

if request("memory")="1" then
Response.Cookies("memory")("username")=request("email")
Response.Cookies("memory")("psw")=request("code")
end if



response.write "{""info"": ""登陆成功"",""status"": ""y""}"
Response.Cookies("user")("email")=rs("email")
Response.Cookies("user")("username")=rs("username")
Response.Cookies("user")("id")=rs("id")
Response.Cookies("user")("login")="true"
Response.Cookies("admin")=""
end if
rs.close
end if




if request("act")="login" then
token=md5(time())
if MD5(request("code"))=jianbook.sysinfo("code") then
response.cookies("admin")("login")="true"
response.cookies("admin")("user")="admin"
response.cookies("admin")("token")=token

conn.execute("update info set token='"&token&"'")

Response.Cookies("user")=""
response.write "{""info"": ""验证成功"",""status"": ""y""}"
elseif request("code")=jianbook.sysinfo("demo") and jianbook.sysinfo("demo")<>"0" then
response.cookies("admin")("login")="true"
response.cookies("admin")("user")="demo"
response.cookies("admin")("token")=token
conn.execute("update info set token='"&token&"'")
Response.Cookies("user")=""
response.write "{""info"": ""验证成功"",""status"": ""y""}"
	else
response.write "{""info"": ""管理密码错误"",""status"": ""n""}"
	end if

	 
end if



'评论

if request("act")="comment" then

jianbook.mesjson()
if request.cookies("admin")("login")="true" then
utype=1
elseif request.cookies("user")("login")="true" then 
utype=2
else
utype=0
end if

if trim(request("lm"))="" then 
response.write "{""info"": ""请选择分类"",""status"": ""n""}" 
response.end()
 end if

if request.cookies("admin")("login")="true" then
uid=0
elseif request.cookies("user")("login")="true" then 
uid=request.cookies("user")("id")
else
uid="-1"
end if


if request("name")=cstr(uid) then 
response.write "{""info"": ""不能给自己发布私信"",""status"": ""n""}" 
response.end()
 end if

if request("class")=2 and request.Cookies("user")="" and request.Cookies("admin")="" then
response.write "{""info"": ""请登陆再发私信"",""status"": ""n""}" 
response.end()
end if


sql="select * from [comment] where id="&request("id")
 rs.open sql,conn,3,3
if rs.eof and rs.bof then 
difftime=jianbook.sysinfo("difftime")

if isnumeric(difftime)  then
sql="select * from [comment] where ip='"&jianbook.myip()&"' and datediff('s',intime,now()) <"&difftime
rst.open sql,conn,3,3
if not rst.eof then
response.write "{""info"": ""发布过于频繁，30s后再试。"",""status"": ""n""}"
response.end
end if
rst.close
end if

 rs.addnew
 
 rs("uid")=uid
 rs("lm")=request("lm")
 rs("class")=request("class")
  rs("content")=jianbook.clearhtml(request("content"))
	rs("name")=request("name")
	 rs("pic")=request("pic")
	  rs("file")=request("fujian")
	 rs("type")=utype
	 rs("ip")=jianbook.myip()
	 if utype=1  then
	 rs("zt")=1
	 end if
	 rs("upid")=request("upid")
	 rs("tx")=jianbook.RndNumber(1,8)
	
   rs.update


   if request("plat")="pc" then
 
     if request("class")=0 or request("class")=1 then
     
	     if request("upid")=0 then
   
       link_url="../show.asp?id="&rs("id") 
	     else
       link_url="../show.asp?id="&request("upid")
       end if
     elseif request("class")=2 then
   
    
  if request("upid")=0 then
    link_url="../message.asp?type=send"
       else
       link_url="../show.asp?id="&request("upid")
       end if
     end if

  else
     if request("class")=0 or request("class")=1 then
     
	     if request("upid")=0 then
   
       link_url="wshow.asp?id="&rs("id") 
	     else
       link_url="wshow.asp?id="&request("upid")
       end if
     elseif request("class")=2 then
   
     link_url="message.asp?type=send"
  
     end if

  end if
  
  
  
   if request.cookies("user")("login")="true" then 
   if request("upid")=0 then
sql="select * from user_point where item='mes' and uid="&request.Cookies("user")("id")&" and datediff('d',intime,now())=0"
rst.open sql,conn,1,1
if rst.eof and rst.bof then
conn.execute "insert into user_point(item,pid,uid,point,bz) values ('mes',"&rs("id")&","&request.Cookies("user")("id")&","&jianbook.point(2)&",'发帖获得积分')"
end if
rst.close
else
sql="select * from user_point where item='reply' and uid="&request.Cookies("user")("id")&" and datediff('d',intime,now())=0"
rst.open sql,conn,1,1
if rst.eof and rst.bof then
conn.execute "insert into user_point(item,pid,uid,point,bz) values ('reply',"&rs("id")&","&request.Cookies("user")("id")&","&jianbook.point(3)&",'回复获得积分')"
end if
rst.close

end if

end if


if request("class")=0 or request("class")=1 then
if utype=0 or utype=2 then
dim body:body="用户："&request("name")&"<br>留言："&request("content")
dim title:title="有新发布(来自网站)"
jianbook.sendmail title,body


end if
 

if request("upid")<>0 and jianbook.sysinfo("ismailu")=1 then  
  sql="select * from [comment] where id="&request("upid")
 rs1.open sql,conn,1,1
 if not rs1.eof then
 if rs1("uid")>0 and rs1("uid")<>request.Cookies("user")("id") then
 sql="select * from [user] where id="&rs1("uid")

 rst.open sql,conn,1,1
if not rst.eof then
yztitle="您发布的帖子有人回复"
yzbody="回复内容："&request("content")&"<a href='http://"&Request.ServerVariables("SERVER_NAME")&"' >点击查看详情</a>"

jianbook.usermail yztitle,yzbody,rst("email")
end if 
rst.close 

end if
end if
rs1.close
end if

elseif request("class")=2 then
sql="select * from [user] where id="&request("name")
rst.open sql,conn,1,1
if not rst.eof then

yztitle="收到新的私信"
yzbody="内容："&request("content")&"<a href='http://"&Request.ServerVariables("SERVER_NAME")&"' >点击查看详情</a>"

jianbook.usermail yztitle,yzbody,rst("email")

end if
rst.close

end if




   
conn.execute"update [comment] set reply=reply+1,replytime=now() where id="&request("upid")
	
	
   response.cookies("guest")("user")=request("name")
 else
 
  rs("lm")=request("lm")
  rs("content")=jianbook.clearhtml(request("content"))
rs("name")=request("name")

 rs("pic")=request("pic")

rs("file")=request("fujian")
rs("jf")=request("jf")
	
   rs.update
 
link_url="../show.asp?id="&request("id")
 end if
rs.close

if err.number=0 then


response.write "{""info"": ""发布成功。"",""status"": ""y"",""url"": """&link_url&"""}"

else
response.write "{""info"": ""评论失败。"",""status"": ""n""}"
end if

end if


	


if request("act")="zan" then



if isnumeric(request("id")) and request("id") then
id=request("id")

else

response.end()

end if
sql="select * from [zan] where ip='"&jianbook.myip()&"' and datediff('d',intime,now()) =0 and cid="&id
 rst.open sql,conn,3,3
 
 if not rst.eof then
response.write "{""info"": ""您已经点赞过了。"",""status"": ""n""}"
 else
 rst.addnew
 rst("ip")=jianbook.myip()
 rst("cid")=request("id")
 rst.update
 sql="select * from [comment] where id="&request("id")
 rs.open sql,conn,3,3

 rs("zan")=rs("zan")+1
  zan=rs("zan")   
 rs.update
rs.close
response.write "{""info"": """&zan&""",""status"": ""y""}"
end if
rst.close
end if

if request("act")="dell_file" then
jianbook.demojson()
filepath=request("id")
Set fso = CreateObject("Scripting.FileSystemObject")
'删除文件
fso.DeleteFile(Server.mappath(webroot&filepath))
'释放FSO
Set fso = nothing
response.write "{""info"": ""删除成功"",""status"": ""y""}"
end if



if request("act")="set" then
jianbook.demojson()
conn.execute"update [comment] set "&request("zd")&"="&request("zt")&" where id="&request("id")
response.write "{""info"": ""设置成功"",""status"": ""y""}"
end if


if request("act")="attr" then
jianbook.demojson()
sql="select * from [comment]  where id="&request("id")
rst.open sql,conn,3,3
if not rst.eof then
if request("ontop") then
rst("ontop")=1
else
rst("ontop")=0
end if
if request("isnice") then
rst("isnice")=1
else
rst("isnice")=0
end if
if request("isnote") then
rst("isnote")=1
else
rst("isnote")=0
end if

rst.update

end if

rst.close
response.write "{""info"": ""设置成功"",""status"": ""y""}"
end if



if request("act")="set_file" then

jianbook.demojson()
conn.execute"update [comment] set jf="&request("point")&" where id="&request("id")
response.write "{""info"": ""设置成功"",""status"": ""y""}"
end if


if request("act")="down_file" then

if request.Cookies("user")("login")="" then
response.Write "{""info"": ""请登陆再下载"",""status"": ""n""}"
response.end()
end if
sql="select sum(point)as tpoint from user_point where uid="&request.Cookies("user")("id")
rs.open sql,conn,1,1
if isnull(rs("tpoint")) then
my_jf=0
else
my_jf=rs("tpoint")
end if
rs.close

sql="select * from comment where id="&request("id")
rs.open sql,conn,1,1
file_jf=rs("jf")
file_url=rs("file")
rs.close

sql="select * from user_down where uid="&request.Cookies("user")("id")&" and cid="&request("id")
rs.open sql,conn,1,1
if not rs.eof then
response.write "{""info"": ""可以下载"",""status"": ""y"",""file"": """&file_url&"""}"
response.end()
end if
rs.close


if file_jf>0 then
if my_jf>file_jf then


conn.execute "insert into user_point(item,pid,uid,point,bz) values ('down',"&request("id")&","&request.Cookies("user")("id")&",-"&file_jf&",'下载消耗积分')"
conn.execute "insert into user_down(uid,cid,point,file) values ("&request.Cookies("user")("id")&","&request("id")&",-"&file_jf&",'"&file_url&"')"
response.write "{""info"": ""可以下载"",""status"": ""y"",""file"": """&file_url&"""}"
else
response.write "{""info"": ""积分不够"",""status"": ""n""}"
end if
else

conn.execute "insert into user_down(uid,cid,point,file) values ("&request.Cookies("user")("id")&","&request("id")&",0,'"&file_url&"')"
response.write "{""info"": ""可以下载"",""status"": ""y"",""file"": """&file_url&"""}"
end if
end if






if request("act")="dell" then
jianbook.demojson()

if isnumeric(request("id")) and request("id") then
id=request("id")
else
response.end()
end if

conn.execute"delete from [comment] where id="&id&" or upid="&id


conn.execute "delete from user_point where pid="&id

response.write "{""info"": ""删除成功"",""status"": ""y""}"
end if

if request("act")="del_reply" then
jianbook.demojson()
if isnumeric(request("id")) and request("id") then
id=request("id")
upid=int(request("upid"))
else
response.end()
end if

conn.execute"delete from [comment] where id="&id

conn.execute "delete from user_point where pid="&id

conn.execute"update [comment] set reply=reply-1 where id="&upid
response.write "{""info"": ""删除成功"",""status"": ""y""}"
end if



if request("act")="loginout" then
response.Cookies("user")=""
response.Cookies("admin")=""
response.write "{""info"": ""成功"",""status"": ""y""}"
end if

if not jianbook.verification() then

if request("act")="auzinfo" then

on error resume next
domain=Request.ServerVariables("SERVER_NAME")

SendURL ="http://"&jianbook.sysinfo("author")&"/api/auz/ajax.asp?act=auzinfo"

postdata="key="&jianbook.sysinfo("key")&"&domain="&domain&"&vieson="&jianbook_version

Set objXMLHTTP = CreateObject("Microsoft.XMLHTTP") 
 objXMLHTTP.Open "post", SendURL, false
 
 objXMLHTTP.setRequestHeader "CONTENT-TYPE", "application/x-www-form-urlencoded" 
  objXMLHTTP.Send(postdata)
  
  
  getPageContent = BytesToBstr(objXMLHTTP.ResponseBody,"utf-8")  
  response.Write getPageContent


Set objXMLHTTP = Nothing 

end if
end if





%>



